Slashdot Mirror
P2P Networks Supplement Botnets
stuckinarut writes "Peer to peer file sharing network popularity is at an all time high, with hundreds of thousands of computers connected to a single P2P network at a given time. These networks are increasingly being used to trick PCs into attacking other machines, experts say. In fact, some reports indicate that peer-to-peer may actually exceed web traffic. Computer scientists have previously shown how P2P networks can be subverted so that several connected PCs gang up to attack a single machine, flooding it with enough traffic to make it crash. This can work even if the target is not part of the P2P network itself. Now, security experts are warning that P2P networks are increasingly being used to do just this. "Until January of this year we had never seen a peer-to-peer network subverted and used for an attack," says Darren Rennick of internet security company Prolexic in an advisory released recently. "We now see them constantly being subverted.""
I know my connection sees more P2P traffic than web traffic. One 175mb TV show is a lot of web pages.
Libertarian Leaning Political Discussion Forum.
From what I understand, this sounds like a new DDoS technique.
Spoof some packets and forward them to a torrent tracker that so-and-so-IP-address is a seed for popular torrents.
Watch as requests for that file flood the target. Repeat as necessary (actually, probably will need to repeat a whole lot).
What's new about it: The victims don't have to be P2P users at all (in fact, their PC could just be sitting there at the log in screen, not even in use).
We're talking about subverting P2P protocols in such a manner that completely legit P2P client software all over the net will be making regular requests to a certain target machine, because as far as the client software knows, that's where the requested file (SHREK_3_SCREENER_DVDRIP.AVI etc.) is supposedly located.